More Security Articles

An update to 1Password brings time-based one-time passwords (TOTP for short) to its iOS app. A one-time password is typically used as a second element in two-factor authentication (2FA), a subject I've written about many times in this column. But, as noted in a sensible and honest post by AgileBits, 1Password's developer, a second factor isn't always a second factor.

Website owners take notice: In weeks, Mozilla products including its popular Firefox browser will stop trusting an unknown number of SSL certificates that were issued using old root CA certificates with 1024-bit RSA keys.

The size of the largest DDOS attack was fifty times larger last year than ten years ago, according to a new survey of Internet service and hosting providers, and attacks are also increasing in numbers and in sophistication.

The European Commission is reportedly revving up the engines on a controversial plan to retain passenger flight data across the EU, although a prior attempt got its wings clipped due to privacy concerns.

A Canadian surveillance agency is tapping into Internet cables and analyzing up to 15 million downloads from popular file-sharing websites each day, in an effort to identify political extremists, according to a news report by The Intercept and CBC News.

The average organization spent $115 per user on security-related software last year, but $33 of it, or 28 percent, was underutilized or not used at all, according to a new report from Osterman Research.

The SilentText secure messaging application bundled with Blackphone had a serious vulnerability that would have allowed attackers to decrypt messages, read contact information, gather location data and even execute malicious code on the phone.

Samsung Electronics smartphones and tablets protected using the company's Knox security technology have been integrated with VPNs from Cisco Systems, giving enterprises more options for communicating securely.